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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 

WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 

after SIX (6) MONTHS from the mailing date of this communication. s 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 19 February 2002 , 
2a)Q This action is FINAL. 2b)E3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-46 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [X] Claim(s) 1-46 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including^the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). . 
a)D All b)D Some * c)Q None of: 

. 1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

2. Claims 1-46 are rejected under 35 U.S.C. 1 12, second paragraphias being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Regarding claims 1, 2, 4, 6-9, 13, 16, 22-25, 27, 29-31, 36 and 39, the claim specifies 
obtaining a portion (For example, see claim 1, line 4.) The meaning of the term "portion" is 
unclear from the context of the claim. Further clarification is requested. 

Regarding claims 1 and 24, the claim specifies a mask (For example, see claim 1, line 
10.) The meaning of the term "mask" is unclear from the context of the claim. Further 
clarification is requested. 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 1-5, 19-23, 24-28, and 42-46 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Coss et al. (US 6,154,775), hereinafter referred to as Coss. 
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<■ Regarding claims 1 and 24, Coss discloses a method and apparatus for a computer 
network firewall with dynamic rule processing with the ability to dynamically alter the 
operations of rules, which comprises: 

Receiving an incoming data packet (Referring to Figure 2, firewall 212 receives packets;) 

Parsing the incoming data packet to obtain a portion of the incoming data packet 
(Referring to Figure 3, firewalls 212 and 213 parse packets;) 

Comparing said portion with rules stored in a rule table, where each rule of said rules . 
specifies a set of actions (Referring to Figure 3, rules are applied sequentially until a rule is 
found which is satisfied by the packet. See column 4, lines 27-29;) 

Selecting a match between said portion and a particular rule of said rules; and executing 
a particular set of actions specified by said particular rule (Referring to Figure 3, a packet from 
source host A to destination host D and representing mail will be dropped under rule 20. See 
column 4, lines 31-34;) 

Wherein each rule field of said rules includes a mask and a selection flag used in the 
comparing said portion with each rule (Referring to Figures 3 and 4, each session key is indexed 
through a hash table (mask) and has a corresponding applicable action. See column 5, lines 55- 
59.) 

Regarding claims 2 and 25, Coss discloses wherein the step of comparing said portion 
with rules stored in a rule table comprises comparing specific fields of the incoming data packet 
with corresponding rule fields in all of the rules stored in the rule table (Referring to Figure 3, 
rules are applied sequentially until a rule is found which is satisfied by the packet. See column 4, 
lines 27-29.) 
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Regarding claims 3 and 26, Coss discloses wherein specific fields of the packet include a 
source port identification number and Layer 2 to Layer 7 headers (Referring to Figures 3 and 4, 
the session key includes the source port and corresponding headings from different layers, as 
well as, the packet including such headers. See column 5, lines 59-65.) 

Regarding claims 4 and 27, Coss discloses wherein the step of selecting a match between 
said portion and a particular rule of said rules comprises selecting a highest priority rule of said 
rules to be the particular rule when more than one rule of said rules match said portion 
(Referring to Figure 3, a packet from source host A to destination host D and representing mail 
will be dropped under rule 20 (highest priority). See column 4, lines 31-34.) 

Regarding claims 5 and 28, Coss discloses wherein the highest priority rule is determined 
by the addresses of said rules within said rules tables (Referring to Figure 3, a packet from 
source host A to destination host D and representing mail will be dropped under rule 20 (highest 
priority). See column 4, lines 31-34.) 

Regarding claims 19 and 42, Coss discloses wherein the step of executing a particular set 
of actions specified by said particular rule comprises modifying a header of the incoming data 
packet, forwarding the incoming data packet to a destination address, or updating a 
management information register (Referring to Figures 3, 4, 5A and 5B, when a rule applies to 
the packet calls for an address change to a proxy or for insertion of one packet into another 
("tunnel option"), the process returns to step 505 for processing based on the changed 
destination. See column 6, lines 66-67 and column 7, lines 1-3.) 

Regarding claims 20 and 43, Coss discloses wherein the step of updating a management 
information register comprises providing a bitmap used to increment individual counters 
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indicating a forwarding, dropping, or processing of certain types of packets (Referring to 
Figures 3, 4, 5A and 5B, when a rule applies to the packet calls for an address change to a proxy 
or for insertion of one packet into another ("tunnel option"), the process returns to step 505 for 
processing based on the changed destination. See column 6, lines 66-67 and column 7, lines 1- 
3.) 

Regarding claims 21 and 44, Coss discloses wherein said particular set of actions 
comprises setting a flow identification for the incoming data packet such that the packet is 
classified according to a class of service (Referring to Figure 3, the category based upon service 
group or protocol/destination port/source port See column 4, lines 46-47.) 

Regarding claims 22 and 45, Coss disclose wherein the step of comparing said portion 
with rules stored in a rule table comprises comparing said portion with rules stored in a rule 
table implemented in a static random access memory, with three types of rule fields and action 
fields all stored in each row of the static random access memory (Referring to Figure 3, rules are 
applied (in memory) sequentially until a rule is found which is satisfied by the packet comprises 
multiple rule fields. See column 4, lines 27-29.) 

Regarding claims 23 and 46, Coss discloses wherein the step of comparing said portion 
with rules stored in a rule table comprises comparing said portion with rules stored in a rule 
table implemented in a content addressed memory, where each entry of the content addressed 
memory includes a selection flag and a validity bit (Referring to Figure 3, rules are applied, in 
memory, sequentially until a rule is found which is satisfied by the packet comprises multiple 
rule fields. See column 4, lines 27-29.) 
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Conclusion 



5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Donald L. Mills whose telephone number is 571-272-3094. The 
examiner can normally be reached on 8:00 AM to 4:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 



organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Donald L Mills s~\ 



supervisor, Seema Rao can be reached on 571-272-3174. The fax phone number for the 
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JOHN PEZZLO 
PRIMARY EXAMINER 



